User security authentication system in internet and method thereof

ABSTRACT

The present invention relates to a user security authentication system in an Internet environment and a method therefor, which generate encrypted member authentication data by combining a member ID and a password selected when a user subscribes, as a member, to an arbitrary web service provider system with a unique code value of a security code selection module such that code complexity in a step of accessing the arbitrary web service provider system can be increased, and security can be simplified and reinforced.

This application is a U.S. National Stage Filing under 35 U.S.C. 371from International Application No. PCT/KR2014/012663, filed on 22 Dec.2014, and published as WO 2015/102279 A1 on 9 Jul. 2015, which claimsthe benefit of Korean Application Serial No. 10-2014-0000300, filed on 2Jan. 2014, which applications and publication are incorporated byreference herein in their entirety.

BACKGROUND

1. Technical Field

Example embodiments of the present invention relate in general to asystem and method for user security authentication in an Internetenvironment and more specifically to a system and method for usersecurity authentication in an Internet environment, in which the usermay generate encoded member authentication data by combining a memberID, a password, and a unique code value of a security code selectionmodule that are selected when the user has signed up for membership toany web service provider system, thus increasing code complexity in astage at which the web service provider system is accessed as well assimply enhancing security.

2. Related Art

In general, the Internet is composed of computers, which are separatedfrom and communicate to each other based on a transmission controlprotocol/Internet protocol (TCP/IP), and networks including thecomputers. A variety of information is shared between different networksover the Internet.

In the early stage, the Internet provided services such as an electronicmail, a gopher, a telnet, a file transfer protocol (FTP), which did notwidely spread due to limited services that were based on text.

However, the Internet rapidly spread with development of a new Internetservice technology that is called the World Wide Web (hereinafter,referred to as the web).

The web may provide various forms of information (for example, acharacter, an image, a video, a voice, etc.) based on a communicationprotocol called hypertext transfer protocol (HTTP) and a language suchas hypertext markup language (HTML).

In addition, at an initial stage, the web provided hypertext that wassimply associated with character information, using a hyperlinktechnique that allowed direct movement from one piece of information toanother piece of information, but, presently, implements hypermedia thatassociates an image, a video, and a voice according to a request ofmultimedia information from a user.

Accordingly, the number of networks connected to, and using, theInternet rapidly increases, thus increasing the range and content ofinformation included in the Internet.

In such an Internet environment, several web services that are typicallyprovided, for example, an electronic transaction, are applied over theInternet using the above-described advantages. Furthermore, new types ofweb services are currently being developed.

Here, in such an Internet environment, any web service provider systemoperates a specific user identification (member ID and password) andauthentication means to perform management and security by a user.Accordingly, in order to use the web service provider system, specificidentification information is assigned to each user, and an individualauthentication procedure is performed on the identification informationwhenever the web service provider system is accessed.

In conventional user identification and authentication in an Internetenvironment, in order to protect a random character input attemptthrough a specific program for the purpose of account takeover, a longcharacter string is generated to increase complexity to provideprotection against a security threat such as the account takeover.However, as the character string code is longer, the user has difficultyin remembering the code.

SUMMARY

Accordingly, example embodiments of the present invention are providedto substantially obviate one or more problems due to limitations anddisadvantages of the related art.

Example embodiments of the present invention provides a system andmethod for user security authentication in an Internet environment, inwhich the user may generate encoded member authentication data bycombining a member ID, a password, and a unique code value of a securitycode selection module that are selected when the user has signed up formembership to any web service provider system, thus increasing codecomplexity in an access stage in which the web service provider systemis accessed as well as simply enhancing security.

In some example embodiments, a system for user security authenticationin an Internet environment includes: a user terminal equipped with a webbrowser; a web server connected with the user terminal over the Internetand configured to transmit a webpage in response to an access of theuser terminal, transmit a member authentication means to the webpage ofthe user terminal in response to a web service request, and provide aweb service to the user terminal in response to reception of encodedmember authentication data from the user terminal; a memberauthentication information DB configured to store member information ofusers who have signed up for membership and member authentication datafor authenticating the membership to receive the web service provided bythe web server; and a member authentication server configured to receivethe encoded member authentication data from the user terminal throughthe web server, decode the encoded member authentication data, andanalytically compare the decoded member authentication data with themember authentication data stored in the member authenticationinformation DB to determine whether a corresponding user isauthenticated as a member, in which the member authentication meansincludes a member ID, a password, and a security code selection module,the security code selection module includes a plurality of codeselection display means having respective encoded unique code values andis displayed on the webpage of the user terminal, and the memberauthentication data transmitted from the user terminal includes dataencoded by combining a member ID, a password and a unique code value ofat least one code selection display means selected among the pluralityof code selection display means in the security code selection module.

The security code selection module may be configured as asingle-dimensional or multidimensional table, and the plurality of codeselection display means may be arranged on the table to be selected by auser.

The plurality of code selection display means may include at least oneof a number, a character, a figure, an image, a color, and a keyword ora combination thereof.

When the plurality of code selection display means are displayed on thewebpage of the user terminal, the web server may provide a service suchthat the plurality of code selection display means are displayed in arandom order of arrangement.

When a plurality of code selection display means selected in thesecurity code selection module, the member authentication server maycompare an order of selecting the code selection display means in themember authentication data transmitted from the user terminal and anorder of selecting code selection display means in the memberauthentication data stored in the member authentication information DBto determine whether the user is authenticated as a member.

The web server may provide a service such that a predetermined delimitercharacter is additionally inserted into the member authentication datainput through the member authentication means at predetermined intervalsto be encoded, and the member authentication server may provide aservice such that the predetermined delimiter character is additionallyinserted into the member authentication data stored in the memberauthentication information DB at the predetermined intervals to beupdated.

In other example embodiments, a method of user security authenticationusing a system including a web server connected with a user terminalequipped with a web browser over the Internet and configured to providea web service and a member authentication server includes steps of: (a)requesting a web service from the web server through the user terminal;(b) transmitting a member authentication means to a webpage of the userterminal in response to the request of the web service in step (a)through the web server; (c) transmitting encoded member authenticationdata using the member authentication means transmitted in step (b)through the user terminal; (d) receiving the encoded memberauthentication data transmitted in step (c), decoding the receivedencoded member authentication data, and analytically comparing thedecoded member authentication data with member authentication datapreviously stored in a separate member authentication information DB todetermine whether a corresponding user is authenticated as a member,through the member authentication server; and (e) when the user isdetermined to be authenticated as a member in step (d), providing theweb service to the user terminal through the web server, in which instep (b), the member authentication means includes a member ID, apassword, and a security code selection module, and the security codeselection module includes a plurality of code selection display meanshaving respective encoded unique code values and is displayed on thewebpage of the user terminal, and wherein in step (c), the memberauthentication data transmitted from the user terminal includes dataencoded by combining a member ID, a password and a unique code value ofat least one code selection display means selected among the pluralityof code selection display means in the security code selection module.

The security code selection module may be configured as asingle-dimensional or multidimensional table, and the plurality of codeselection display means may be arranged on the table to be selected by auser.

Each of the plurality of code selection display means may include atleast one of a number, a character, a figure, an image, a color, and akeyword or a combination thereof.

When the plurality of code selection display means are displayed on thewebpage of the user terminal, the web server may provide a service suchthat the plurality of code selection display means are displayed in arandom order of arrangement.

The method of claim 7, wherein when a plurality of code selectiondisplay means are selected in the user in the security code selectionmodule of the member authentication means in step (c), the memberauthentication server may compare an order of selecting the codeselection display means in the member authentication data transmittedfrom the user terminal and an order of selecting code selection displaymeans in the member authentication data stored in the memberauthentication information DB to determine whether the user isauthorized as a member.

The method may further include, after step (c), providing a service suchthat a predetermined delimiter character is additionally inserted intothe member authentication data input from the member authenticationmeans at predetermined intervals to be encoded through the web serverand providing a service such that the predetermined delimiter characteris additionally inserted into the member authentication data stored inthe member authentication information DB at the predetermined intervalsto be updated through the member authentication server.

In still other example embodiments, a computer-readable recording mediumstoring a program for executing the method of user securityauthentication in an Internet environment is provided.

The method of user security authentication in an Internet environmentmay be implemented as computer-readable codes on the computer-readablerecording medium. The computer-readable recording medium includes allkinds of recording devices for storing data which can be thereafter readby a computer system.

Examples of the computer-readable recording medium include a read-onlymemory (ROM), a random-access memory (RAM), a CD-ROM, a magnetic tape, ahard disk, a floppy disk, a mobile storage device, a non-volatile memory(flash memory), and an optical data storage device.

BRIEF DESCRIPTION OF DRAWINGS

Example embodiments of the present invention will become more apparentby describing in detail example embodiments of the present inventionwith reference to the accompanying drawings, in which:

FIG. 1 is a block diagram illustrating a system for user securityauthentication in an Internet environment according to an embodiment ofthe present invention:

FIG. 2 is a flowchart illustrating a method of user securityauthentication in an Internet environment according to an embodiment ofthe present invention;

FIG. 3 is a view showing a member login screen for accessing a webservice provider system that is applied in an embodiment of the presentinvention; and

FIGS. 4 to 7 are views showing various examples of a code selectiondisplay means in a security code selection module that is applied to anembodiment of the present invention.

DESCRIPTION OF EXAMPLE EMBODIMENTS

Advantages and features of the present invention, and implementationmethods thereof will be clarified through following embodimentsdescribed with reference to the accompanying drawings. The presentinvention may, however, be embodied in different forms and should not beconstrued as limited to the embodiments set forth herein. Rather, theseembodiments are provided so that this disclosure will be thorough andcomplete, and will fully convey the scope of the present invention tothose skilled in the art. Like reference numerals refer to like elementsthroughout. As used herein, the term “and/or,” includes any and allcombinations of one or more of the associated listed items.

It will be understood that, although the terms “first,” “second.” etc.may be used herein to describe various elements, components, and/orsections, these elements, components, and/or sections should not belimited by these terms. These terms are only used to distinguish oneelement, component, or section from another element, component, orsection. Thus, a first element, component, or section discussed belowcould be termed a second element, component, or section withoutdeparting from the teachings of example embodiments.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of exampleembodiments. As used herein, the singular forms “a,” “an” and “the” areintended to include the plural forms as well, unless the context clearlyindicates otherwise. It will be further understood that the terms“comprises” and/or “comprising,” when used in this specification,specify the presence of stated features, integers, steps, operations,elements, and/or components, but do not preclude the presence oraddition of one or more other features, integers, steps, operations,elements, components, and/or groups thereof.

Unless otherwise defined, all terms (including technical and scientificterms) used herein have the same meaning as commonly understood by oneof ordinary skill in the art to which this inventive concept belongs. Itwill be further understood that terms, such as those defined in commonlyused dictionaries, should be interpreted as having a meaning that isconsistent with their meaning in the context of the relevant art andwill not be interpreted in an idealized or overly formal sense unlessexpressly so defined herein.

In the following description, when the detailed description of therelevant known functions or configurations is determined tounnecessarily obscure the important point of the present invention, thedetailed description will be omitted. Also, the terms described beloware defined in consideration of the functions in the present invention,and thus may vary depending on intentions or customs of a user oroperator. Accordingly, the terms will be defined based on the wholespecification.

FIG. 1 is a block diagram illustrating a system for user securityauthentication in an Internet environment according to an embodiment ofthe present invention.

Referring to FIG. 1, a system for user security authentication in anInternet environment according to an embodiment includes at least oneuser terminal 100-1 to 100-N, a web server 200, a member authenticationinformation DB 300, and a member authentication server 400.

Here, the user terminal 100-1 to 100-N is connected to the web server200 over the Internet 10 and includes a typical web browser that is usedto retrieve and display a web page, such as various hypertext markuplanguage (HTML) documents, provided by the web server 200 on a screen.

That is, the user terminal 100-1 to 100-N includes a web browser foraccessing a plurality of websites, for example, the web server 200,through the Internet 10 to search for a webpage transmitted from the webserver 200, processing information provided in a corresponding website,and transmitting a corresponding document.

In general, the user terminal 100-1 to 100-N may be a computer such as adesktop personal computer (PC) and a notebook PC, but is not limitedthereto. The user terminal 100-1 to 100-N may be any type ofwired/wireless communication device that may access the web server 200through the Internet 10 to use various web services.

Examples of the user terminal 100-1 to 100-N include a mobile terminal,such as a cellular phone, a personal communication service (PCS) phone,a synchronous/asynchronous International Mobile Telecommunication-2000(IMT-2000) phone, and so on, which can communicate through the wirelessInternet or portable Internet, and may also refer to all wired/wirelesshome/communication devices having a user interface for accessing the webserver 200, such as a palm personal computer (PC), a personal digitalassistant (PDA), a smartphone, a wireless application protocol (WAP)phone, a mobile playstation, a PDA phone, a digital multimediabroadcasting phone having a communication function, a tablet PC, an iPadand so on.

The Internet 10 refers to an open global computer network structure thatcan provide several services in the TCP/IP protocol and its upper layer,that is, a hypertext transfer protocol (HTTP), Telnet, file transferprotocol (FTP), domain name system (DNS), simple mail transfer protocol(SMTP), simple network management protocol (SNMP), network file service(NFS), network information service (NIS), or the like, and provides anenvironment in which any user of the user terminal 100-1 to 100-N mayaccess the web server 200 that is described below. The Internet 10 maybe a wired or wireless network, or a core network integrated with awired public network, a wireless mobile communication network, or aportable Internet network.

The web server 200 functions to connect the user terminal 100-1 to 100-Nwith an administration server (not shown) that is provided to any webservice provider system over the Internet 10 and provide various webservices of the administration server provided in the web serviceprovider system through a certain web page. The web server 200 mayperform the same function as that of the administration server providedin the web service provider system.

In particular, the web server 200 is connected with the user terminal100-1 to 100-N over the Internet 10 and configured to transmit a webpagein response to an access of the user terminal 100-1 to 100-N, transmit amember authentication means to the webpage of the user terminal 100-1 to100-N in response to a web service request, and provide a web service tothe user terminal 100-1 to 100-N in response to reception of encodedmember authentication data from the user terminal 100-1 to 100-N.

In this case, the member authentication means may include, for example,a member ID, a password, and a security code selection module, as shownin FIG. 3, and the security code selection module may include aplurality of code selection display means having respective encodedunique code values and is displayed on the webpage of the user terminal100-1 to 100-N.

If the plurality of code selection display means are displayed on thewebpage of the user terminal 100-1 to 100-N, the web server 200 mayprovide a service such that the plurality of code selection displaymeans are displayed in a random order of arrangement.

The member authentication data transmitted from the user terminal 100-1to 100-N includes data encoded by combining a member ID, a password anda unique code value of at least one code selection display meansselected among the plurality of code selection display means in thesecurity code selection module.

The security code selection module may be configured as asingle-dimensional (one-dimensional) or multidimensional (two, three, orfour-dimensional) table, and the plurality of code selection displaymeans may be arranged on the table to be selected by a user.

The plurality of code selection display means may include at least oneof a number, a character, a figure, an image, a color, and a keyword ora combination thereof (see FIGS. 4 to 7).

The member authentication information DB 300 functions to build adatabase including member information of users who have signed up formembership and member authentication data for authenticating themembership for each member to receive the web service provided by theweb server 200.

The member authentication information DB 300 may be implemented for thepurpose of the present invention, using a relational database managementsystem (RDBMS), such as Oracle, Infomix, Sybase, and DB2, and anobject-oriented database management system (OODBMS), such as Gemstone,Orion, and O2, and configured to have a field suitable for accomplishingits function.

The member authentication server 400 is connected with the web server200 through a wired/wireless communication means and functions toreceive the encoded member authentication data from the user terminal100-1 to 100-N through the web server 200, decode the received encodedmember authentication data, and analytically compare the decoded memberauthentication data with the member authentication data stored in themember authentication information DB 300 to determine whether acorresponding user is authenticated as a member.

When a plurality of code selection display means are selected by theuser in the security code selection module of the member authenticationmeans, the member authentication server 400 may compare an order ofselecting the code selection display means in the member authenticationdata transmitted from the user terminal 100-1 to 100-N and an order ofselecting code selection display means in the member authentication datastored in the member authentication information DB 300 to determinewhether the user is authenticated as a member.

Additionally, the web server 200 may provide a service such that apredetermined delimiter character (for example, a special character) isadditionally inserted into the member authentication data input throughthe member authentication means at predetermined intervals to beencoded, and the member authentication server 400 may provide a servicesuch that the predetermined delimiter character is additionally insertedinto the member authentication data previously stored in the memberauthentication information DB 300 at the predetermined intervals to beupdated.

A method of user security authentication in an Internet environmentaccording to an embodiment of the present invention will be described indetail below.

FIG. 2 is a flowchart illustrating a method of user securityauthentication in an Internet environment according to an embodiment ofthe present invention, FIG. 3 is a view showing a member login screenfor accessing a web service provider system that is applied in anembodiment of the present invention, and FIGS. 4 to 7 are views showingvarious examples of a code selection display means in a security codeselection module that is applied to an embodiment of the presentinvention.

Referring to FIGS. 1 to 7, in a method of user security authenticationin an Internet environment according to an embodiment of the presentinvention, first, a user accesses a specific webpage provided by the webserver 200 of any web service provider system through the user terminal100-1 to 100-N and signs up for membership.

In this case, the user selects at least one of a plurality of codeselection display means of the security code selection module that isprovided by the web server 200 and allows the selected code selectiondisplay means to be stored in the member authentication information DB300 in addition to a member ID and a password.

Next, when the user requests a web service from the web server 200through the user terminal 100-1 to 100-N (S100), the web server 200transmits a member authentication means to a webpage of the userterminal 100-1 to 100-N in response to a web service request in S100(S200).

In this case, the member authentication means may include a member ID, apassword, and a security code selection module, as shown in FIG. 3, andthe security code selection module may include a plurality of codeselection display means having respective encoded unique code values andis displayed on the web page of the user terminal 100-1 to 100-N (seeFIGS. 4 to 7).

In addition, the security code selection module may be configured as asingle-dimensional (one-dimensional) or multidimensional (two, three, orfour-dimensional) table, and the plurality of code selection displaymeans may be arranged on the table to be selected by a user.

Further, the plurality of code selection display means may include atleast one of a number, a character, a figure, an image, a color, and akeyword or a combination thereof as shown in FIGS. 4 to 7.

When the plurality of code selection display means are displayed on thewebpage of the user terminal 100-1 to 100-N, the web server 200 mayprovide a service such that the plurality of code selection displaymeans are displayed in a random order of arrangement.

Subsequently, the user terminal 100-1 to 100-N transmits encoded memberauthentication data using the member authentication means transmitted inS200 to the web server 200 (S300).

In this case, the member authentication data transmitted from the userterminal 100-1 to 100-N includes data encoded by combining a member ID,a password and a unique code value of at least one code selectiondisplay means selected among the plurality of code selection displaymeans in the security code selection module.

Next, the member authentication server 400 receives the encoded memberauthentication data transmitted in S300, decodes the received encodedmember authentication data, and analytically compares the decoded memberauthentication data with member authentication data previously stored ina separate member authentication information DB 300 to determine whethera corresponding user is authenticated as a member (S400).

When a plurality of code selection display means are selected by theuser in the security code selection module of the member authenticationmeans in S300, the member authentication server 400 may compare an orderof selecting the code selection display means in the memberauthentication data transmitted from the user terminal 100-1 to 100-Nand an order of selecting code selection display means in the memberauthentication data stored in the member authentication information DB300 to determine whether the user is authenticated as a member.

That is, when a result of the comparison is that the order of selectingthe code selection display means transmitted from the user terminal100-1 to 100-N is the same as the order of selecting the code selectiondisplay means stored in the member authentication information DB 300,the member authentication server 400 authenticates the user as a member.

Subsequently, when a result of the determination in S400 is that theuser is authenticated as a member because the decoded memberauthentication data is the same as the member authentication datapreviously stored in the member authentication information DB 300, theweb server 200 provides the web service to the user terminal 100-1 to100-N (S500).

Additionally, after S300, the method may further include providing, bythe web server 200, a service such that a predetermined delimitercharacter (for example, a special character) is additionally insertedinto the member authentication data input through the memberauthentication means at predetermined intervals to be encoded.Preferably, the member authentication server 400 may provide a servicesuch that the predetermined delimiter character is additionally insertedinto the member authentication data stored in the member authenticationinformation DB 300 at the predetermined intervals to be updated todetermine whether the member is authenticated as a member.

The method of user security authentication in an Internet environmentaccording to an embodiment of the present invention can also beimplemented as computer-readable codes on a computer-readable recordingmedium. The computer-readable recording medium is any data storagemedium that can store data which can be thereafter read by a computersystem.

Examples of the computer-readable recording medium include a read-onlymemory (ROM), a random-access memory (RAM), a CD-ROM, a magnetic tape, ahard disk, a floppy disk, a mobile storage device, a non-volatile memory(flash memory), and an optical data storage device.

The computer-readable recording medium can also be distributed overcomputer systems connected through a computer communication network sothat the computer-readable code is stored and executed in a distributedfashion.

With the system and method for user security authentication in anInternet environment according to an embodiment of the presentinvention, a user can generate encoded member authentication data bycombining a member ID, a password, and a unique code value of a securitycode selection module that are selected when the user has signed up formembership to any web service provider system, thus increasing codecomplexity in an access stage at which the web service provider systemis accessed as well as simply enhancing security.

While the preferred embodiments of the system and method for usersecurity authentication in an Internet environment are described, thepresent invention is not limited thereto, various modifications may bemade therein, and the appended claims are intended to cover all suchmodifications which may fall within the spirit and scope of theinvention.

What is claimed is:
 1. A system for user security authentication in anInternet environment, the system comprising: one or more servers havingone or more processing circuits and a non-transitory storage medium, thenon-transitory storage medium having computer code that is executable bythe one or more processing circuits to cause the system to: receive aweb service request from a device; transmit, after receiving the webservice request, a member authentication object, the memberauthentication object comprising: a member identifier (ID) module, apassword module, and a security code selection module, the security codeselection module comprising a plurality of code selection displayobjects displayable on a webpage of the device, each code selectiondisplay object of the plurality of code selection display objects havinga unique code value comprising at least two characters, at least one ofthe plurality of code selection display objects being preselected by auser of the device and associated with stored member authentication dataof the user; receive, after transmitting the member authenticationobject, encoded member authentication data, the encoded memberauthentication data comprising data encoded by combining a member ID, apassword, and the unique code value of the at least one of the pluralityof code selection display objects; decode the received encoded memberauthentication data, and analytically compare the decoded memberauthentication data with the stored member authentication data todetermine whether the user is authenticated as a member; and provide,after determining that the user is authenticated as a member, the webservice to the device.
 2. The system of claim 1, wherein the unique codevalue of the at least one of the plurality of code selection displayobjects does not provide an indication of a rendered indicator of the atleast one code selection display objects.
 3. The system of claim 1,wherein the plurality of code selection display objects includes atleast one of a number, a character, a figure, an image, a color, or akeyword or a combination thereof.
 4. The system of claim 1, wherein thecomputer code is executable by the one or more processing circuits tofurther cause the system to: provide, based on the plurality of codeselection display objects being displayed the web page of the device, aservice to display the plurality of code selection display objects in arandom order of arrangement.
 5. The system of claim 1, wherein thecomputer code is executable by the one or more processing circuits tofurther cause the system to: compare, based on receiving data indicatinga user selection of at least two of the plurality of code selectiondisplay objects in the decoded member authentication data, a sequence ofselecting the at least two code selection display objects in the decodedmember authentication data and a sequence of selecting code selectiondisplay objects in the stored member authentication data to determinewhether the user is authenticated as a member.
 6. The system of claim 1,wherein the computer code is executable by the one or more processingcircuits to further cause the system to: configure the memberauthentication object to insert, at predetermined intervals, apredetermined delimiter character into received member authenticationdata used to generate the encoded member authentication data; and insertthe predetermined delimiter character into the stored memberauthentication data at the predetermined intervals.
 7. A method for usersecurity authentication in an Internet environment, the methodcomprising: receiving a web service request from a device; transmitting,after receiving the web service request, a member authentication object,the member authentication object comprising: a member identifier (ID)module, a password module, and a security code selection module, thesecurity code selection module comprising a plurality of code selectiondisplay objects displayable on a webpage of the device, each codeselection display object of the plurality of code selection displayobjects having a unique code value comprising at least two characters,at least one of the plurality of code selection display objects beingpreselected by a user of the device and stored with stored memberauthentication data of the user; receiving, after transmitting themember authentication object, encoded member authentication data, theencoded member authentication data comprising data encoded by combininga member ID, a password, and the unique code value of the at least oneof the plurality of code selection display objects; decoding thereceived encoded member authentication data, and analytically comparingthe decoded member authentication data with the stored memberauthentication data to determine whether the user is authenticated as amember; and providing, after determining that the user is authenticatedas a member, the web service to the device.
 8. The method of claim 7,further comprising configuring the security code selection module as asingle-dimensional or multidimensional table, the plurality of codeselection display objects being arranged in the table to be selected bythe user.
 9. The method of claim 7, wherein the plurality of codeselection display objects includes at least one of a number, acharacter, a figure, an image, a color, or a keyword or a combinationthereof.
 10. The method of claim 7, further comprising: providing, basedon the plurality of code selection display objects being displayed theweb page of the device, a service to display the plurality of codeselection display objects in a random order of arrangement.
 11. Themethod of claim 7, further comprising: comparing, based on receivingdata indicating a user selection of at least two of the plurality ofcode selection display objects in the decoded member authenticationdata, a sequence of selecting the at least two code selection displayobjects in the decoded member authentication data and a sequence ofselecting code selection display objects in the stored memberauthentication data to determine whether the user is authenticated as amember.
 12. The method of claim 7, further comprising: configuring themember authentication object to insert, at predetermined intervals, apredetermined delimiter character into received member authenticationdata used to generate the encoded member authentication data; andinserting the predetermined delimiter character into the stored memberauthentication data at the predetermined intervals.
 13. A non-transitorycomputer-readable storage medium storing a set of computer executableinstructions, the instructions, when executed by one or more processorsof the computer, cause the computer to perform operations comprising:receiving a web service request from a device; transmitting, afterreceiving the web service request, a member authentication object, themember authentication object comprising: a member identifier (ID)module, a password module, and a security code selection module, thesecurity code selection module comprising a plurality of code selectiondisplay objects displayable on a webpage of the device, each codeselection display object of the plurality of code selection displayobjects having a unique code value comprising at least two characters,at least one of the plurality of code selection display objects beingpreselected by a user of the device, a unique code value of the at leastone of the plurality of the code selection display objects stored withstored member authentication data of the user; receiving, aftertransmitting the member authentication object, encoded memberauthentication data, the encoded member authentication data comprisingdata encoded by combining a member ID, a password, and the unique codevalue of the at least one of the plurality of code selection displayobjects; decoding the received encoded member authentication data, andanalytically comparing the decoded member authentication data with thestored member authentication data to determine whether the user isauthenticated as a member; and providing, after determining that theuser is authenticated as a member, the web service to the device. 14.The non-transitory computer-readable storage medium of claim 13, theoperations further comprising: configuring the security code selectionmodule as a single-dimensional or multidimensional table, the pluralityof code selection display objects being arranged in the table to beselected by the user.
 15. The non-transitory computer-readable storagemedium of claim 13, wherein the plurality of code selection displayobjects includes at least one of a number, a character, a figure, animage, a color, or a keyword or a combination thereof.
 16. Thenon-transitory computer-readable storage medium of claim 13, theoperations further comprising: providing, based on the plurality of codeselection display objects being displayed the web page of the device, aservice to display the plurality of code selection display objects in arandom order of arrangement.
 17. The non-transitory computer-readablestorage medium of claim 13, the operations further comprising:comparing, based on receiving data indicating a user selection of atleast two of the plurality of code selection display objects in thedecoded member authentication data, a sequence of selecting the at leasttwo code selection display objects in the decoded member authenticationdata and a sequence of selecting code selection display objects in thestored member authentication data to determine whether the user isauthenticated as a member.
 18. The non-transitory computer-readablestorage medium of claim 13, the operations further comprising:configuring the member authentication object to insert, at predeterminedintervals, a predetermined delimiter character into received memberauthentication data used to generate the encoded member authenticationdata; and inserting the predetermined delimiter character into thestored member authentication data at the predetermined intervals.